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Top Stories 

• Miller County, Arkansas officials announced April 28 that an oil spill caused by a leak in a 
line covering 40 to 60 acres of an area in the county could take 1-2 weeks to clean up. - 
KSLA 12 Shreveport (See item 1) 

• American Airlines reported that a software application problem with iPads used by pilots 
forced the airline to ground about two dozen flights April 28. - USA Today (See item 8) 

• A garbage truck rear-ended a New Britain Public Schools bus in Glastonbury, Connecticut, 
April 28 causing 33 students from John Barry School to be transported to area hospitals 
with injuries. - WFSB 3 Hartford (See item 17 ) 

• A Major League Baseball game scheduled to be played at Oriole Park at Camden Yards in 
Baltimore April 29 was closed to the public following a wave of looting and riots around 
the ballpark after protests in the city April 27 - April 28. - WRC 4 Washington, D.C. (See 
item 24) 
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Energy Sector 



1. April 28, KSLA 12 Shreveport - (Arkansas) Oil spill in Miller County could take 
weeks to clean up. Miller County officials announced April 28 that an oil spill 
covering 40 to 60 acres of an area in the county could take 1-2 weeks to clean up. 
Crews used oil booms to clean up the spill that was reportedly caused by a leak in one 
of the lines. 

Source: http://www.ksla.com/storv/28923049/hazmat-crews-on-scene-of-oil-spill-in- 
miller-county 
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Chemical Industry Sector 

2. April 28, U.S. Department of Labor - (New York) Hotel soap and shampoo 
manufacturer faces fines of nearly $104K for exposing employees to dangerous 
chemical and fire hazards. The Occupational Safety and Health Administration cited 
Marietta Corp., April 28 for 3 repeat and 6 serious violations and issued $103,800 in 
fines following a November 2014 inspection of the company’s hotel soap and shampoo 
manufacturing plant in Cortland, New York. The inspection revealed worker exposure 
to chemical and fire hazards, blocked emergency exit routes, and improper chemical 
storage among other violations. 

Source: 

https://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEA 
SES&p id=27864 
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Nuclear Reactors, Materials, and Waste Sector 

Nothing to report 
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Critical Manufacturing Sector 

Nothing to report 
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Defense Industrial Base Sector 

3. April 28, U.S. Environmental Protection Agency - (Washington) EPA: Lockheed 
West Seattle/Shipyard 2 cleanup will help Puget Sound. The U.S. Environmental 
Protection Agency ordered Lockheed Martin Corporation to clean up the Lockheed 
West Seattle Shipyard/Shipyard 2 April 28 as part of an ongoing series of 
contamination cleanups around Elliott Bay and the lower Duwamish waterway. 
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Lockheed has been developing a cleanup plan for the former shipyard since it was 
listed on the National Priorities List in 2007, and expects to remove about 167,000 
cubic yards of contaminated material from the site starting in 2018. 

Source: 

http://vosemite.epa.gov/opa/admpress.nsf/21b8983ffa5d0e4685257dd4006b85e2/a65eb 

3344d703b0985257e3500745b07!QpenDocument 
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Financial Services Sector 

4. April 28, Columbus Dispatch - (Ohio) Reward increased for ‘Buckeye Bandit.’ The 
FBI and Central Ohio Crime Stoppers offered an increased reward of up to $10,000 for 
information leading to the arrest of the bank robbery suspect dubbed the ‘Buckeye 
Bandit’ after he allegedly robbed the Cooper State Bank branch in Columbus April 26. 
The suspect is believed to have committed 24 bank and store robberies dating back to 
2013. 

Source: http://www.dispatch.com/content/stories/local/2015/04/28/reward-for-bank- 
robber.html 

5. April 28, Softpedia - (International) Malware delivered via malicious macro in 
Word document embedded in PDF. Security researchers at Avast discovered that 
cybercriminals are employing a new malware delivery technique in which they embed 
Microsoft Word documents with malicious macros into seemingly legitimate Adobe 
Portable Document Files (PDFs). Once the document is opened and macros are 
enabled, a script downloads a variant of the Dridex banking trojan to steal banking 
credentials and Google and Microsoft login information. 

Source: http://news.softpedia.com/news/Malware-Delivered-via-Malicious-Macro-in- 
W ord-Document-Embedded-in-PDF-4795 93 . shtml 
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Transportation Systems Sector 

6. April 29, KUSA 9 Denver - (Colorado) Battery acid spill after big-rig crash on 1-70. 
A semi-truck carrying hundreds of vehicle batteries overturned on Interstate 70 near 
Silverthome April 28 spilling an estimated 30 gallons of battery acid onto the roadway, 
and prompting the closure of westbound lanes for several hours before officials 
reopened lanes April 29. 

Source: http://www.9news.com/storv/news/local/2015/04/28/battery-acid-spill-after- 
big-rig-crash-on-i-70/26551371/ 

7. April 29, KXAN 36 Austin - (Texas) 1-35 reopens in Round Rock nearly 7 hours 
after fiery crash. One northbound and one southbound lane of Interstate 35 in Round 
Rock were reopened more than 2 hours after the entire interstate was shut down due to 
an accident involving 2 vehicles April 28. The remaining northbound and southbound 
lanes were reopened about 5 hours later after crews cleared the scene. 
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Source: http://kxan.com/2015/04/28/i-35-closed-in-both-directions-in-round-rock/ 



8. April 29, USA Today - (National) Travelers scramble after iPad issues delay 
American Airlines flights. American Airlines reported that a software application 
problem with iPads used by pilots forced the airline to ground about two dozen flights 
April 28. 

Source: http://www.usatodav.com/storv/news/nation/2015/04/29/ipad-issues-ground- 
american-airlines-flights/26565621/ 

9. April 28, Reuters - (Pennsylvania) United Express flight with engine fire forced to 
land in Philadelphia. The U.S. Federal Aviation Administration reported April 28 that 
a United Airlines Express flight from Raleigh-Durham, North Carolina, to Newark, 
New Jersey, made an emergency landing at Philadelphia International Airport due to an 
engine fire that prompted the engine to shut down. Maintenance crews are reviewing 
the problem after the plane was sprayed with foam upon landing safely. 

Source: http://www.msn.com/en-us/news/us/united-express-flight-with-engine-fire- 
forced-to-land-in-philadelphia/ar-BBiNFgT 
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Food and Agriculture Sector 

10. April 29, Chippewa Herald - (Wisconsin) Barron County's third case of bird flu 
brings state's total to seven. Officials confirmed that the presence of the H5 avian flu 
April 28 at a Barron County commercial facility that houses 108,000 turkeys, marking 
the seventh case in Wisconsin. The affected birds will be euthanized and will not enter 
the food supply. 

Source: http://chippewa.com/news/local/barron-countv-s-third-case-of-bird-flu-brings- 
state/article e3c579c9-f71a-5855-9609-f82bd68788f2.html 



11. April 29, U.S. Food and Drug Administration - (National) Hy-Vee recalls Summer 
Fresh Pasta Salad. The U.S. Food and Drug Administration reported April 28 that Hy- 
Vee, Inc., issued a recall for its ready-to-eat Summer Fresh Pasta Salad after the 
company was notified by a supplier that an ingredient used during manufacturing may 
be contaminated with Fisteria monocytogenes. The recalled product was sold in kitchen 
department cold cases and salad bars at a limited number of Hy-Vee stores across 
several Midwestern States. 

Source: http://www.fda.gov/Safety/Recalls/ucm444946.htm 

12. April 28, KTIV 4 Sioux City - (Iowa) 4th confirmed case of bird flu in northwest 
Iowa. The U.S. Department of Agriculture confirmed April 28 the presence of avian flu 
at the Center Fresh Group-owned Sioux County Egg Farm in Iowa that houses 1 .7 
million birds. 

Source: http://www.ktiv.com/story/28924436/2015/04/28/4th-confirmed-case-of-bird- 
flu-in-northwest-iowa 
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Water and Wastewater Systems Sector 

13. April 28, Providence Journal - (Rhode Island) Final, $815M phase of sewer project 
OK’d. The Board of Commissioners of the Narragansett Bay Commission approved an 
$815 million project April 28 that will be considered the third phase of a plan to 
contain and treat contaminated storm water in sewer systems in Providence, Pawtucket, 
Central Falls, and overflows into the Seekonk and Providence rivers, and the upper 
portion of Narragansett Bay. The third phase will address nearly all of the remaining 
tainted water and bring the total cost of the project to $1.36 billion. 

Source: http://www.providenceioumal.com/article/20150428/NEWS/150429199/13814 



[ Return to top ] 



Healthcare and Public Health Sector 

Nothing to report 
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Government Facilities Sector 

14. April 29, Baton Rouge Advocate - (Louisiana) More than 12,000 east Baton Rouge 
customers still without power; some schools remain closed Wednesday. At least 8 
Baton Rouge schools remained closed April 29 while Entergy crews worked to restore 
power to 12,323 customers that remained without service following severe storms April 
27. 

Source: http://theadvocate.com/news/12232744-123/some-schools-in-baton-rouge 

15. April 28, Newark Star-Ledger - (New Jersey) Cyber attack causes Rutgers internet 
service interruptions. The Rutgers Office of Information and Technology reported 
April 28 that a distributed denial of service (DDoS) attack against the Rutgers 
University computer network caused ongoing interruptions in Internet service. The 
New Jersey university announced that it is working with the FBI to investigate the 
cyberattack and technicians were working to restore services. 

Source: 

http://www.ni.com/middlesex/index.ssf/2015/04/cyber attack against rutgers causes 
internet servi.html 



16. April 28, WTOC 11 Savannah - (Georgia) 4 students injured after accident at US 80, 
1-95 involving pair of buses. Four students were transported to an area hospital 
following a crash involving two Savannah-Chatham County Public School System 
buses on Highway 80 in Pooler April 28. 

Source: http://www.wtvm.com/storv/28923119/wreck-involving-pair-of-school-buses- 
slows-traffic-at-us-80-i-95 
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17. April 28, WFSB 3 Hartford - (Connecticut) School bus crash sends students to 
hospital as a precaution. A garbage truck rear-ended a New Britain Public Schools 
bus in Glastonbury April 28 causing 33 students from John Barry School to be 
transported to area hospitals with injuries. 

Source: http://www.wfsb.com/storv/28918167/students-taken-to-hospital-as- 
precaution-after-school-bus-crash-in-glastonbury 

For another story, see item 21 
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Emergency Services Sector 

18. April 28, Centre Daily Times - (Pennsylvania) 5 staffers injured at SCI Houtzdale; 
situation ‘resolved peacefully.’ Inmate visits were canceled until further notice after 
the State Correctional Institution at Houtzdale was locked down for several hours April 
28 due to a fight between 2 inmates in the prison yard that left 5 correctional officers 
injured. The fight was resolved without further incident after a number of inmates who 
initially refused to leave the recreation area were returned to their cells. 

Source: http://www.centredailv.com/2015/04/28/4723477 sci-houtzdale-on-lockdown- 
after.html 



[Return to top ] 

Information Technology Sector 

19. April 29, Securityweek - (International) InFocus projectors plagued by 
authentication flaws: Core Security. Security researchers at Core Security identified 
an authentication bypass vulnerability in InFocus network-connected projectors in 
which an unauthenticated user could bypass the login page and access the projector’s 
Web interface as an administrator by navigating to the “main.html” page. Once logged 
in, the unauthenticated user would have the ability to access and modify private 
network and WiFi configuration information. 

Source: http://www.securitvweek.com/infocus-proiectors-plagued-authentication- 
flaws-core-security 

20. April 29, Softpedia - (International) Routers built with RealTek SDK affected by 
remote command-injection bug. A security researcher at HP’s Zero Day Initiative 
discovered a vulnerability in version 1.3 of the RealTek Software Development Kit 
(SDK) used in the development of D-Link and Trendnet broadband routers in which 
attackers can exploit a flaw in the simple object access protocol (SOAP) service to 
execute arbitrary code on the devices. 

Source: http://news.softpedia.com/news/Routers-Built-with-RealTek-SDK-Affected- 
by-Remote-Command-Iniection-Bug-479660.shtml 

21 .April 29, Help Net Security - (International) Threats on government networks 
remain undetected for 16 days. Findings from a report by MeriTalk and Splunk on 
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the state of cyber security in Federal, State, and local government agencies revealed 
that cyber threats exist on government networks for an average of 16 days without 
detection, and that 68 percent of respondents reported that their organizations are 
overwhelmed by the volume of security data they must analyze. Respondents also 
reported the benefits of big data in analytics and the challenges they face due to lack of 
skill or time, among other findings. 

Source: http://www.net-securitv.org/secworld.php?id= 18323 

22. April 29, Help Net Security - (International) Hacker exploits Android devices with 
self-implanted NFC chip. A security researcher at APA Wireless demonstrated that he 
could implant himself with a near field communication (NFC) chip that is undetectable 
by body scanners and could be used to infiltrate and compromise devices in high- 
security locations. The chip would ping nearby Android devices with links to malicious 
files that, once run and installed, would allow for further exploits from a remote 
computer. 

Source: http://www.net-security.org/secworld.php?id= 18324 

23. April 28, Threatpost - ( International) WordPress zero-day vulnerability. WordPress 
patched a critical stored cross-site scripting (XSS) zero-day vulnerability in its release 
of version 4.2.1. The vulnerability affected tens of millions of WordPress sites and 
allowed attackers to store malicious JavaScript in the comment fields of WordPress 
sites that would be executed server-side once the comments are viewed. 

Source: https://threatpost.com/wordpress-patches-zero-dav-vulnerabilitv/112455 

For another story, see item 5 



Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 
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Communications Sector 

See item 22 
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Commercial Facilities Sector 



24. April 29, WRC 4 Washington, D.C. - (Maryland) Orioles to play at empty stadium 
Wednesday in riot-ravaged Baltimore. A Major League Baseball game scheduled to 
be played at Oriole Park at Camden Yards in Baltimore April 29 was closed to the 
public following a wave of looting and riots around the ballpark after protests in the 
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city April 27 - April 28. Games at the ballpark were postponed April 27 - April 28 due 
to safety concerns. 

Source: http://www.nbcwashington.com/news/local/Orioles-Postponed-Again-in-Riot- 
Ravaged-Baltimore-30 1 5 6442 1 .html 

25. April 28, WGHP 8 High Point- (North Carolina) Residents salvaging belongings 
after Thomasville apartment fire. An April 28 fire at the Oaks Apartment Complex 
in Thomasville, North Carolina, displaced around 100 residents. The cause of the fire is 
under investigation. 

Source: http://myfox8.com/2015/04/28/residents-salvaging-belongings-after- 
thomasville-apartment-fire/ 



[ Return to top ] 



Dams Sector 

Nothing to report 
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NO ACTIVE ALERTS 
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Department of Homeland Security (DHS) 

DHS Daily Open Source Infrastructure Report Contact Information 



About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] 
summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily 
Open Source Infrastructure Report is archived for 10 days on the Department of Homeland Security Web site: 
http://www.dhs.gov/IPDailyReport 

Contact Information 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS 

Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 

instructions to Get e-mail updates when this information changes . 

Removal from Distribution List: Send mail to support @ govdelivery.com . 



Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US -CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert.gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source 
material. 
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